SEDI Passes!

[Utah News Dispatch] Utah’s digital ID program, ‘digital bill of rights’ could lead the nation in privacy framework

One year after outlining state policy and creating privacy requirements, the legislature is back with a bill to implement a digital ID program for Utahns

Last night the Utah Senate unanimously passed SB275 State-Endorsed Digital Identity Amendments.

• Establishes the Digital Identity Bill of Rights

• Authorizes Utah’s State-Endorsed Digital Identity (SEDI) Program

• Creates the nation’s first comprehensive consumer protection framework governing issuers, wallet providers, verifiers, and relying parties for all state digital identities (not just SEDI).

• Introduces a first-in-the-nation Duty of Loyalty requirement,

If you’re asking “which digital ID wins,” you’re asking the wrong question.

A simple way to think about it:

✅ mDL = the document credential (high assurance, broad acceptance)

✅ VCs = the format for signed claims (portable proofs across use cases)

✅ SEDI = the governance / trust model (control, privacy posture, delegation)

This matters because once digital identity becomes public infrastructure, the debate shifts from “should we?” to “can others safely rely on it?”

Utah Digital Identity Bill of Right (and MyTerms?)

What I like most is the associated Bill of Rights. I’ve re-shared that as is below, and then added my own derivation that looks at these rights in individual/ first party language.

Agentic AI

(WE-BUILD) 𝗧𝗿𝘂𝘀𝘁𝗲𝗱 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝗶𝗲𝘀 𝗳𝗼𝗿 𝗔𝗜 𝗔𝗴𝗲𝗻𝘁𝘀 – 𝗔 𝗘𝘂𝗿𝗼𝗽𝗲𝗮𝗻 𝗢𝗽𝗽𝗼𝗿𝘁𝘂𝗻𝗶𝘁𝘆

We suggest that:

● The European Union convenes stakeholders to form a strategy for safe AI agents based on the EDIF and the Business Wallet framework.

● Standards bodies create working groups on interoperability between EU Digital Identity Wallets and AI agents.

● The European Union prioritises testing and pilots, and regulates only where strictly necessary

NIST Accelerating the Adoption of Software and AI Agent Identity and Authorization <- seeking comments

The US National Institute of Standards and Technology (NIST) has released a draft concept paper, titled Accelerating the Adoption of Software and AI Agent Identity and Authorization, which seeks to understand how identity principles such as identification, authentication, and authorization, and associated standards, apply to AI agents.

NIST is soliciting comments on the paper, with responses accepted until 2 April 2026.

Agents Are More Like Humans Than Workloads. Here’s Why That Matters for Identity.

The 20-year transition from Cloud to AI to Trust

- 2025s era of AI Infrastructure, currently democratizing intelligence through “AI ka UPI“ and shared compute resources.

- AI as the catalyst that makes the Trust Infrastructure necessary.

- 2030s era of Trust Infrastructure—the “next digitization wave”—which renders global value networks paper-less, document-less, contact-less, cash-less, presence-less and border-less indispensable layer of verified credibility anchored through trust infrastructures.

MATTR series on Agentic AI Trust

1) Agentic Commerce Needs Trust Infrastructure, Not Just Intelligence

2) Why Agentic Commerce Will Fragment — and Why That’s Not the Real Risk

3) The Hard Part of Agentic Commerce Isn’t AI — It’s Delegation

4) Why Trust Can’t Be Hard-Coded Into Agentic Systems

5) Building the Trust Fabric for Agentic Systems

AI agents have no way to judge what’s trustworthy.

With a Trust Graph, AI agents and applications can instantly determine trust and authenticity. And if you’re adopting content authenticity standards (CAI and C2PA), this will extend that effort to a new trust layer that we’re building at Noosphere.Tech.

Nation & State Digital ID

Portugal digital business wallet aims to simplify administration for companies

Tool for unifying company documents launches with four credentials, more on the way

Portugal has become the first EU nation to introduce a version of the European Business Wallet (EWB) for companies. A government release says the wallet “centralises in a single digital channel all of a company’s official documents in a secure and updated way.”

Australian state of Victoria kicks off digital birth certificate pilot

The digital birth certificate will first be trialled for enrolling children into kindergarten in three council areas, according to the Victorian government. Parents can add the digital document to the Service Victoria app, which currently offers more than 170 government services, including the veterans card, seniors card, digital driver’s licence, and more.

Books

(Eve Maler) [Book] Your identity strategy is your business model in disguise.

Her book: Mastering Digital Identity: From Risk to Revenue launches April 23, 2026.

The book cover shows four interlocked rings, inspired by the Four Ps and a Celtic form called Solomon’s Knot. It’s not just pretty, it’s the point. Pull one thread, and the others move with it.

Book: When Credentials Cause Harm: Unpacking the Risks of Verifiable Learning and Work Records.

In this powerful and research-grounded book, Kelly Page explores how verifiable learning and employment records (LERs) can unintentionally produce:

🟣 Surveillance and behavioral monitoring

🟣 Platform dependency and vendor lock-in

🟣 Misrepresentation of human experience

🟣 Erosion of meaningful consent

🟣 New inequities for marginalized communities

Considering the Role of the States

Degenerative Volatility and the Drift of the Westphalian State towards War

The Westphalian state does not invent new architecture in moments of pressure. It activates the control surfaces it already possesses: fiscal instruments, security apparatus, regulatory authority, procurement systems, and borders. These are high-leverage tools. They can steer capital, redirect production, restrict flows, and enforce compliance.

(Balaji) The purpose of crypto is to build a code-based order, because the rules-based order is unfortunately collapsing.

That’s what cryptocurrency was built for. If and when your state fails, or turns against you, the Internet will be there for you.

Digital sovereignty without the drama

You might think that worrying about digital sovereignty is a “rich-world concern”, a hobby for digital activists or neo-luddites. I believe the opposite: it’s a duty — a way to deserve the amazing tools we now have at our disposal, and the extraordinary potential they carry, for good or for harm.

DPI-AI Framework Vision paper on Building AI-Ready Nations through Digital Public Infrastructure.

This paper presents the DPI–AI Framework as a practical way to think about how artificial intelligence can be integrated into public digital systems through Digital Public Infrastructure (DPI). It is written at a moment when AI capabilities are advancing rapidly, while many governments are still grappling with fragmented systems, legacy architectures, and uneven institutional capacity. Rather than proposing AI as a standalone transformation, the paper explores how existing DPI foundations can provide structure and coherence for the use of AI in the public sector.

Is AI Sovereignty Possible: Balancing Autonomy and Interdependence

AI sovereignty is not about full independence but managed interdependence across a deeply globalised stack. The strategic priority is diversification, alliances, interoperability, and resilience across minerals, chips, cloud, energy, and talent.

Digital Convergence Initiative - Interop Standards for Employment Support Systems and Social Protection

𝗻𝗼𝘄 𝗮𝘃𝗮𝗶𝗹𝗮𝗯𝗹𝗲 𝗳𝗼𝗿 𝗽𝘂𝗯𝗹𝗶𝗰 𝗿𝗲𝘃𝗶𝗲𝘄. Your feedback is extremely valuable to ensure the standards are robust, scalable, and inclusive. You can access the draft standards on DCI GitBook (🔗 https://lnkd.in/eHCkMK3Y). 𝗣𝘂𝗯𝗹𝗶𝗰 𝗿𝗲𝘃𝗶𝗲𝘄 𝘄𝗲𝗯𝗶𝗻𝗮𝗿 𝗠𝗮𝗿𝗰𝗵 𝟭𝟮, 𝟮𝟬𝟮𝟲, 𝗳𝗿𝗼𝗺 𝟭𝟰:𝟬𝟬 𝘁𝗼 𝟭𝟱:𝟯𝟬 𝗖𝗘𝗧! We will discuss the standards development process and address any questions or concerns you might have about the standards. This is a great opportunity to make your voice heard!

Delegation After Identity

We now speak fluently about identifiers, wallets, verifiable credentials and interoperable trust registries. Yet the structural shift unfolding in parallel is far more consequential. Once identity becomes portable and machine-readable, the critical question is no longer who you are. It is who can act on your behalf, under what authority, within what boundaries, and with what means of withdrawal.

Part 1: Why Governance Has Already Moved

1. Authority Lives in Execution Infrastructure

2. Identity Solved Recognition, Not Authority

3. Legitimacy as an Architectural Property

4. Guardianship Formalises What Markets Cannot Price

5. The Delegation Stack as Governance Infrastructure

Part 2: The Spectrum of Autonomous Action

6. Five Modes of Delegation, Five Governance Regimes

7. The Delegation Paradox

8. Three Pillars of Delegation Infrastructure

9. Predictable Failure Modes

Part 3: Building the Delegation Layer

10. Guardianship Patterns for Autonomous Systems

11. Delegation as Civic Infrastructure

12. The Irreversible Transformation

The Minimum Digital Kernel of an Unbundled State

Government services often fail in a quiet way. You apply for a benefit, get rejected, and no one can clearly explain: Which rule was used? Which record was checked? Who is responsible? How do you fix it?

Sandboxes for DPI: Co-creating the blocks of digital trust

Online launch on March 12th (registration needed): https://lnkd.in/dYV34cTP

Our report refines the classification for experimentation by sharpening the distinction between regulatory, operational, and hybrid sandboxes, while proposing the first-ever formal definition of a “DPI Sandbox.” This conceptual framework is supported by the first global mapping of sandboxes specifically designed for DPI. We conclude with key recommendations for governments, the private sector, and civil society to engage in collaborative experimentation.

Thoughtful

Question for us..How do we reduce the preception of risk? All Successful Innovations Reduce the Perception of Risk

Safety in Numbers

An independent infrastructure that allows people to interact with others they relate to, find independent sources of support and feel safe.

The Next Digitization Wave: Moving from Data-Driven to Trust-Native

The war on PDFs is to solve ‘data debt’ and reclaim ‘dormant intelligence’. Startups are looking at semantic data by turning documents into structured code (like JSON or Markdown) that an AI can “reason” over instantly. And this is already going on.

Verifiable Credentials allow for Atomic Proofs. Instead of filling out a form to prove you’re a licensed broker or a doctor, your digital wallet shares a cryptographically signed Credential. The system checks the digital signature, sees it is from a trusted authority, and accepts it instantly.

Digital Identity Under Platform Rule (Part One)

Challenging the Authority Platforms Claim Over Identity in Digital and Physical Spaces

Digital Identity Under Platform Rule (Part Two)

When Technical Control Outpaces Social Governance — The Cost of Abstraction in Identity Infrastructure at Scale

The full essay is in conversation with written work from: RadicalxChange Foundation, E. Glen Weyl, Kaliya Young

(oldy but goodie ) Identity and Digital Self-Sovereignty: A New Paradigm for Sovereignty on the High Seas

Sovereignty on Today’s High Seas: The Internet

Identity as Continuous Addressability: Continuity of self-sameness over time is the most fundamental presupposition about identity which must be enshrined in a self-sovereign system of governance.

Is AI Sovereignty Possible In 2026? Managed Interdependence Beats Isolation

AI Sovereignty Is Not A Switch. It Is A Strategy.

This report argues “AI Sovereignty” is best understood as a spectrum of choices that increase a country’s capacity to make independent decisions about critical AI infrastructure deployment, use, & adoption, not literal autarky. The practical alternative is “Managed Interdependence”, using alliances & partnerships to reduce risk across the stack while preserving interoperability.

The Office for Digital Identity and Attributes

The Office for Digital Identity and Attributes within the Department for Science, Innovation and Technology has today published updates to the UK’s digital ID / Digital Verification Services Trust Framework (DVSTF, renamed from the DIATF):

(Telefonica) The Future is Biometric: Why Next Generation Solutions Matter

Next-generation biometric systems, powered by decentralized AI techniques like federated learning and on-device training, are enabling secure, privacy-preserving authentication across sectors while addressing challenges of bias, spoofing, and GDPR compliance — positioning biometrics as a cornerstone of trustworthy digital identity.

Scientists say no to age-assessment technology.

TL;DR Governments worldwide are moving to restrict access to online services based on age. More than 370 scientists have signed an open letter calling for a moratorium on age-assessment technologies until there is solid evidence of their feasibility and societal impact. Protecting minors is essential — but blanket identity control across the internet is unlikely to be the right solution.

Software is Changing

Our enterprise customers aren’t paying for the login button; they’re paying for the human accountability behind it: the SLAs, the SOC 2 audits, the active CVE responses, and the security hygiene that a machine can’t guarantee. Open source isn’t dying, but the business model has to evolve. We’re moving from selling “features” to selling “responsibility.”

EU

EUDI Nexus - Wallet Ecosystem StandardsEUDI Focus

6 signals shaping the EUDI Wallet ecosystem. 🇪🇺📲

The ecosystem is moving from discussion to deployment. The only way to confidently de-risk your EUDI project is with reliable market intelligence. Join hundreds of leaders who rely on this newsletter to stay ahead of the curve.

(Also see the Lissi Newsletter on EUDI)

Mutual recognition of UK and EU digital identity schemes

We tackled the vexed legal and political question of how to align the fledgling UK digital identity system with the EU eIDAS framework and the EU digital identity wallet (EUDI wallet).

A Product Safety Playbook for the Digital Age

Current digital product regulation resembles a chaotic free-for-all rather than a coherent strategy, and the author argues that adopting a “digital product safety” framework — modeled on the history of physical product safety regulation — is urgently needed to counter both the natural knowledge lag and industry’s well-funded resistance tactics.

(Siros) Zero Knowledge Proofs: shifting where the work happens

While current digital identity wallets often rely on batch credential issuance to achieve selective disclosure — a method that becomes costly and correlation-prone at national scale — the SIROS Foundation argues that zero-knowledge proofs offer a more privacy-preserving and scalable alternative by shifting cryptographic complexity from central issuers to user devices, enabling unlinkable, minimal-disclosure proofs from a single credential.

(IEEE) The Age-Verification Trap: Verifying user’s ages undermines everyone’s data protection

Age-restriction laws create an inescapable trap: effectively enforcing minimum age requirements forces platforms to collect, retain, and continuously monitor personal data in ways that directly undermine data privacy law — and the problem is worse in countries with weaker identity infrastructure, where companies fill the gap with even more invasive surveillance.

#OfDIA’s survey on “international use of digital identities and credentials”

There are no earth-shattering revelations. The 39 respondents overwhelmingly agreed that the UK should prioritise a ‘mutual recognition agreement’ (MRA) with the EU.

What happened last week at the AI for Impact Summit in India??!?

1. India positioned this as the first AI summit hosted by the Global South

2. Digital Public Infrastructure (DPI) was everywhere.

3. Multilingualism emerged as a core equity issue

4. India unveiled the “MANAV” vision … Moral and ethical systems, Accountable governance, National sovereignty, Accessible and inclusive technology, Valid and legitimate systems.

5. Big money showed up. Google announced a $15 billion investment in an AI hub in Visakhapatnam.

6. The Global South framing was real to many in my network, not just branding.

The customer experience of the EU Digital ID Wallet will have to be 10x better

The EUDIW will struggle to achieve mass adoption unless its designers prioritize user experience over technology and regulation — and right now, there’s little evidence they are.

Triples failed us. Here’s what we built instead. 🧠

Classic graph structures like RDF triples fail to capture the hierarchical, multi-relational nature of human memory, but through a progression from hypergraphs to metagraphs, the author arrived at layered bipartite graphs as an elegant solution. This approach achieves full metagraph expressiveness — modeling complex, recursive, contextual memory — using standard property graph databases like Neo4j that already exist today.

𝐈𝐟 𝐃𝐢𝐠𝐢𝐭𝐚𝐥 𝐏𝐫𝐨𝐝𝐮𝐜𝐭 𝐏𝐚𝐬𝐬𝐩𝐨𝐫𝐭𝐬 𝐬𝐭𝐚𝐲 𝐜𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞-𝐨𝐧𝐥𝐲, 𝐭𝐡𝐞𝐲 𝐛𝐞𝐜𝐨𝐦𝐞 𝐚 𝐜𝐨𝐬𝐭 — 𝐧𝐨𝐭 𝐚 𝐜𝐚𝐭𝐚𝐥𝐲𝐬𝐭.

A DPP is a standardized data exchange infrastructure. Value emerges when:

• The right additional data is shared

• Clear business cases are defined

• Financial incentives are aligned

Not more data. -> The right data.

Architecture Before Argument

When new substrates emerge, the first draft of order is rarely written in a legislature. It is written in contracts, in code, in standards documents, in committee rooms where engineers argue about field lengths and message formats. The legal system often arrives later, sometimes years later, to interpret, correct, or contain what has already hardened into infrastructure.

Digital Infrastructure and Legal Certainty

The UNCITRAL: United Nations Commission on International Trade Law Colloquium on “Harmonizing law in the age of digital trade and finance – digital assets and platforms” https://lnkd.in/gAiEePJ5 illustrated how legal certainty is critical to the functioning of Platforms, Exchanges, and Registries, underscoring that digital infrastructures supporting trade and finance rarely fail because of the technology.

The Empowerment Stack is Here

Own and control a standards-based digital identifier.

Gather and curate your core personal data.

Deploy an AI agent acting on your behalf in a fiduciary capacity.

Propose and enact MyTerms agreements with organizations you engage with.

Account recovery is the identity industry’s most overlooked challenge

Last year at Identiverse, I joined an expert panel on account recovery alongside Dean Saxe (IDpro), Ove-Morten Stalheim (BankID Norway), Rob Brown (Inverid), and Bertrand Carlier (Wavestone). The discussion kept coming back to the same point: most companies have account recovery in the wrong bucket. They treat it as a customer service problem when it’s really a security and business architecture challenge.

The Synthetic Auth (https://syntheticauth.ai), a newsletter

I explore digital identity through a lens that’s equal parts technical, philosophical, and a little sardonic. What started as a way to make sense of my own curiosity became something I genuinely love working on. And this year I get to take it to the Identiverse stage. Pretty stoked about that!